My name is Gautham SB
I'm an aspiring cybersecurity professional specializing in defensive security. My expertise spans SIEM implementation, SOC operations, intrusion detection, and log monitoring. I'm proficient in industry-standard tools such as Wazuh SIEM, Splunk Enterprise, and Graylog SIEM, which I use to enhance threat detection capabilities and streamline security operations. My background in networking, coupled with a deep understanding of the incident response lifecycle and security compliance frameworks like GDPR, allows me to approach cybersecurity challenges holistically. I'm passionate about proactive threat hunting and continuously improving defensive strategies to stay ahead of potential security risks.
Contact: gauth360@gmail.com | +91-9916845728
GitHub: github.com/gauthamsb777
LinkedIn: linkedin.com/in/gautham-shridhar-bhandari/
Letterboxd: linkedin.com/gautham_777/
Education and Certifications
- Bachelor of Technology in Cyber Security
- CCNA: Enterprise Networking, Security and Automation (Cisco, Jan 2023)
- Google Cybersecurity Professional Certification
- Cybrary Incident Response Lifecycle
Professional Experience
Cyber Security Analyst (Intern) - EyeQ Dot net
April 2023 - September 2023
During my internship, I focused on enhancing defensive security measures:
- Conducted thorough vulnerability assessments on web applications and network infrastructures, identifying potential attack vectors and recommending mitigation strategies.
- Implemented and optimized security tools to improve threat detection rates, contributing to a more robust security posture.
- Developed best practices for secure system configurations and authentication protocols, significantly reducing the risk of security incidents.
My Projects
SIEM and XDR implementation with Wazuh
Set up the Wazuh open-source security platform on multiple endpoints to detect, analyze, and respond to security threats on AWS EC2 instances. Configured network-based intrusion detection with Suricata, created custom dashboards for security events and HIPAA compliance, and set up real-time alerting. The solution provides log analysis, threat detection, and compliance monitoring across cloud and on-premise environments.
IDS implementation with Suricata and Splunk Enterprise
This project is a full-fledged intrusion detection solution built with the open-source IDS Suricata and, for log management and response, Splunk Enterprise together with its forwarder (log sender). It manages network logs, detects network threats using pattern-based detection, and responds through custom actions.
File Integrity Monitoring System
Developed a File Integrity Monitor tool in Python that uses RSA encryption and SHA-512 cryptographic hashes: it records a baseline hash of each file, continuously recomputes the hashes, and compares them with the baseline in real time to ensure the authenticity of the monitored directory.
Self-Hosted Secure Communication tool
This Python-based self-hosted secure chatroom tool uses a client-server model. The tool features RSA-based encryption, token-based access with encrypted tokens, security questions, and real-time encrypted messaging. It implements a four-layer security approach: Fernet-encrypted tokens, 2048-bit RSA encryption, temporary access codes, and security questions.